[Backport v2.7] Cannot create new cloud credentials for custom node drivers

[rancherbot]

This is a backport issue for #8523, automatically created via rancherbot by @mantis-toboggan-md

Original issue description:

Setup

• Rancher version: v2.7-head (7913e28)
• Browser type & version: Google Chrome: Version 111.0.5563.64 (Official Build) unknown (64-bit)

Describe the bug

When enabling some custom node drivers, the Cloud Credential creation page doesn't not show the correct default fields, and has an uneditable foo key.

To Reproduce

• Enable a custom node driver (in my case, cloud.ca)
• Try to create a cloud credential (the correct key (apiKey) should show up the first time).
• Delete the cloud credential
• Attempt to create another cloud credential

Result

An unremovable foo key is present

Expected Result

Correct field apiKey shows in UI

Screenshots

Additional context

I've noticed this on other cloud providers as well. As an aside, what populated these fields by default? Is it hard coded, or is it interpolated from available fields (from a list of token, apiKey, password, etc.), or is it coming from the backend somewhere and I've missed it?

[markusewalker]

QA TEST PLAN

Scenarios

Scenario	Test Case
1	As a standard user, attempt to create a cloud credential for node driver Cloud.ca, delete that credential and add additional cloud credentials
2	As a standard user, attempt to create a cloud credential for node driver Open Telekom Cloud, delete that credential and add additional cloud credentials

[markusewalker]

Tested this against v2.7-head rancher/rancher@0c76b3f. Please see results below:

ENVIRONMENT DETAILS

• Rancher install: Helm
• Rancher version: v2.7-head rancher/rancher@0c76b3f
• Browser: Chrome

TEST RESULT

Scenario	Test Case	Result
1	As a standard user, attempt to create a cloud credential for node driver Cloud.ca, delete that credential and add additional cloud credentials	❌
2	As a standard user, attempt to create a cloud credential for node driver Open Telekom Cloud, delete that credential and add additional cloud credentials	✅

VALIDATION STEPS

Scenario 1

1. As a standard user, attempted to provision a downstream RKE2 node driver using Cloud.ca.
2. When creating a cloud credential, it never creates and it loops me back as shown below:
   
3. The cloud credential claims it is Saved, but it does not appear in the Cloud Credentials list in Cluster Management:
   

---

Scenario 2

1. As a standard user, attempted to provision a downstream RKE2 node driver using Open Telekom Cloud.
2. Successfully able to create a cloud credential and it appears in the Cloud Credentials list in Cluster Management:
   
3. Validated that I am able to delete the cloud credential and create a new one as well with no issues.

[mantis-toboggan-md]

This one is odd - I'm not super familiar w/ custom node drivers/cred but I think there might be a backend issue here. When I (try to?) create a cloud.ca credential, the HTTP response status is 201 (created) but the response body is null and when I visit <server url>/v1/cloudcredentials I can see that it is indeed not created.

Screen.Recording.2023-04-05.at.2.09.35.PM.mov

Edit: I've tried creating a cloud.ca RKE1 cluster in the old UI and I see different behavior entirely, where there is no attempt to create a cloud credential. I think we are likely handling some custom node drivers incorrectly in the dashboard; I'll continue to investigate

[mantis-toboggan-md]

cloud.ca and cloudscale both have custom UIs to handle credentials/node templates for the Ember UI, and the generic credential creator used for RKE2 provisioning doesn't work with them. Of the node drivers available by default, these are the only two that appear to have credential creation issues in the dashboard. There are some other node drivers that have custom UI defined for RKE1/ember, eg nutanix, but they don't have the same problem with cloud credential creation, though I don't have real credentials for any of these platforms to verify that others actually work with RKE2.

How did this get the regression label btw? This looks like something that never worked. It looks like something we can't fix in time for 2.7.2. I'm not sure what we would want to do here: hide those options for RKE2 until we have custom Vue UI to handle them...? cc @gaktive

[gaktive]

Looks like regression was added from the original ticket and the backport adopted it, but if this never worked, then it's not a regression at all, so we should remove them off both.

At this stage, we can push this out since it's not a blocker. However, we should dig into this for Q2. @mantis-toboggan-md what kind of credentials would you need?

[mantis-toboggan-md]

I don't know enough about this area to answer that with confidence @gaktive but of the custom in-tree node drivers, cloud.ca, cloudscale, nutanix, outscale, pinganyunecs, and phoenixnap have uiUrl set (ie they have made their own UI to use in Ember's node templates) and are, I think, suspect here.

Maybe @nwmac knows more since he's looked into custom node drivers recently?

[gaktive]

Since we already have a Q2 ticket and it looks like we'll have to fix this then, we can close this ticket, unless @markusewalker has another workflow to use for QA tracking purposes

However, @markusewalker do you have an environment that UI could use to access cloud.ca?

[markusewalker]

@gaktive I do not have a workflow aside from this reported ticket that I am aware of. I can provide an environment first thing tomorrow morning offline to you both 😄

[gaktive]

OK, based on the fact that this has been problem for a while, we'll close this but this will need a release note.